A security vulnerability in US domestic airline boarding passes means that travelers can scan the barcodes on their documents using a smartphone to reveals what kind of checks they are likely to face.

The BBC is reporting that the barcodes are unencrypted and contain information about what airport checks a passenger will face. Theoretically that means a traveller could work out if they had been picked for pre-boarding checks or not, and smuggle unauthorized items on board a plane. The problems has been highlighted by aviation blogger John Butler. On his blog, he writes:

I'm publishing this because I am seriously concerned with boarding pass security in the United States. The way TSA Pre-Check works is the organizations that participate transmit travel information for passengers who opt-in to the program to the TSA. Then the TSA in a way that randomizes security determines if the passenger is or is not eligible for Pre-Check and sends that information back to the Airline. The Airline then encodes that information in a barcode that is on the boarding pass it issues.

The problem is, the passenger and flight information encoded in barcode is not encrypted in any way. Using a web site I decoded my boarding pass for my upcoming trip...

[I]t's all there, PNR, seat assignment, flight number, name, etc. But what is interesting is the bolded three on the end. This is the TSA Pre-Check information. The number means the number of beeps. 1 beep no Pre-Check, 3 beeps yes Pre-Check. On this trip as you can see I am eligible for Pre-Check. Also this information is not encrypted in any way.

The finding undermine the PreCheck system, which allows travelers to skip part of the pre-boarding security process. PreCheck costs $100, which the US customs agency charges to perform a background check, though some frequent fliers are granted the privilege free of charge.

However, simply scanning a printed boarding pass ahead of a flight could allow passengers to ascertain what level of security they will face at the airpot. That, obviously, is problematic. As security expert Graham Cluely explained to the BBC:

"No one should be able to tell in advance what level of security screening they will be receive before an air flight. The risk is that potential attackers could determine in advance which of them is going to be given the weakest screening—and get them to attempt to carry unauthorized item onboard. Potential attackers should not be given advance warning of the security measures they will be facing."